Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] CIAO Update und Eigenlob,

[Letzteres ist natürlich nicht überraschend in einem Artikel, der auf
einem Hintergrundgespräch mit CIAO-Chef John Tritak basiert. RB]

December 21, 2001 

Federal critical infrastructure office reaches out to states 

By Bara Vaida , National Journal's Technology Daily 

The Commerce Department's Critical Infrastructure Assurance Office
(CIAO) will host a series of regional conferences in early 2002 to
encourage owners of the nation's critical infrastructure to share the
lessons they learned from the Sept. 11 terrorist attacks. 

Information gathered at the conferences, which are intended to
facilitate federal outreach to state and local governments, as well as
the private sector, will be used to help CIAO develop a compendium of
best practices should the nation's critical infrastructure come under
cyber attack. 

"We want the owners and operators of critical infrastructure to have a
dialogue on lessons learned," CIAO Director John Tritak said in an
interview with National Journal's Technology Daily. 

CIAO has scheduled the first meeting for Austin, Texas, tentatively in
February, with others to be held in the Northeast and Midwest. Some of
the lessons learned include the need for companies to exercise computer
backup plans, which some had not done before Sept. 11. 

"Part of my job is to make that connect for businesses," Tritak said.
It's important "that the level of computer security is connected to a
company's bottom line." 

As a member of the newly created Critical Infrastructure Assurance
Board, CIAO was tapped to be the lead outreach to the board's staff.
Tritak said it also supports an inter-agency committee on outreach led
by Kenneth Juster, the undersecretary for Commerce's Bureau of Export
Administration. Through that organization, CIAO works to ensure that the
administration has a consistent message on cyber security throughout
government agencies, he said. 

CIAO also reaches out to the private sector through seven Information
Sharing and Analysis Centers (ISACs), each of which represent a sector
of critical infrastructure. They share and receive information on
potential cyber attacks, as well as on ways more effectively secure
their businesses. Tritak said the ISACs' success has been a "mixed bag." 

"The ISAC is an extraordinary experiment, where you are talking about
competitors coming together and sharing with each other their
vulnerabilities," Tritak said. 

Still, since the attacks, Tritak said he believes the ISACs are evolving
and that some are more effective than others. 

CIAO also is working on identifying regulation that might be needed to
help with cyber security, such as the idea that firms would get certain
exemptions from the Freedom Of Information Act in an effort to keep
their security vulnerabilities secret. Tritak said other issues
potential issues include new regulations related to antitrust or
liability concerns. Tritak also said he wants to correct the belief on
Capitol Hill that the private sector is doing nothing to protect the
nation's critical infrastructure. 

"Often when I go to talk to staff on the Hill, they have the impression
that we aren't doing anything," Tritak said. "If that were true, Wall
Street wouldn't have been able to open the Monday after the attacks." 

Brought to you by

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.